CWE-354
Improper Validation of Integrity Check Value
The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
CVE-2016-15028 (GCVE-0-2016-15028)
Vulnerability from cvelistv5
4.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
- CWE-354 - Improper Validation of Integrity Check Value
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
ICEPAY | REST-API-NET |
Version: 0.9 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:47:34.929Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "technical-description", "x_transferred" ], "url": "https://vuldb.com/?id.222847" }, { "tags": [ "signature", "permissions-required", "x_transferred" ], "url": "https://vuldb.com/?ctiid.222847" }, { "tags": [ "patch", "x_transferred" ], "url": "https://github.com/ICEPAY/REST-API-NET/commit/61f6b8758e5c971abff5f901cfa9f231052b775f" }, { "tags": [ "patch", "x_transferred" ], "url": "https://github.com/ICEPAY/REST-API-NET/releases/tag/1.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "modules": [ "Checksum Validation" ], "product": "REST-API-NET", "vendor": "ICEPAY", "versions": [ { "status": "affected", "version": "0.9" } ] } ], "credits": [ { "lang": "en", "type": "tool", "value": "VulDB GitHub Commit Analyzer" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic. Affected by this vulnerability is the function RestClient of the file Classes/RestClient.cs of the component Checksum Validation. The manipulation leads to improper validation of integrity check value. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 1.0 is able to address this issue. The patch is named 61f6b8758e5c971abff5f901cfa9f231052b775f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222847." }, { "lang": "de", "value": "In ICEPAY REST-API-NET 0.9 wurde eine problematische Schwachstelle ausgemacht. Betroffen ist die Funktion RestClient der Datei Classes/RestClient.cs der Komponente Checksum Validation. Durch das Beeinflussen mit unbekannten Daten kann eine improper validation of integrity check value-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Ein Aktualisieren auf die Version 1.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 61f6b8758e5c971abff5f901cfa9f231052b775f bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen." } ], "metrics": [ { "cvssV3_1": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" } }, { "cvssV3_0": { "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.0" } }, { "cvssV2_0": { "baseScore": 4, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P", "version": "2.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354 Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-10-20T11:20:25.534Z", "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB" }, "references": [ { "tags": [ "vdb-entry", "technical-description" ], "url": "https://vuldb.com/?id.222847" }, { "tags": [ "signature", "permissions-required" ], "url": "https://vuldb.com/?ctiid.222847" }, { "tags": [ "patch" ], "url": "https://github.com/ICEPAY/REST-API-NET/commit/61f6b8758e5c971abff5f901cfa9f231052b775f" }, { "tags": [ "patch" ], "url": "https://github.com/ICEPAY/REST-API-NET/releases/tag/1.0" } ], "timeline": [ { "lang": "en", "time": "2023-03-11T00:00:00.000Z", "value": "Advisory disclosed" }, { "lang": "en", "time": "2023-03-11T00:00:00.000Z", "value": "CVE reserved" }, { "lang": "en", "time": "2023-03-11T01:00:00.000Z", "value": "VulDB entry created" }, { "lang": "en", "time": "2023-04-04T12:52:02.000Z", "value": "VulDB entry last update" } ], "title": "ICEPAY REST-API-NET Checksum Validation RestClient.cs RestClient integrity check" } }, "cveMetadata": { "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "assignerShortName": "VulDB", "cveId": "CVE-2016-15028", "datePublished": "2023-03-12T14:31:03.247Z", "dateReserved": "2023-03-11T08:10:56.726Z", "dateUpdated": "2024-08-06T03:47:34.929Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-3224 (GCVE-0-2017-3224)
Vulnerability from cvelistv5
► | URL | Tags | |||
---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
Open Shortest Path First (OSPF) | Protocol |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:16:28.299Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "VU#793496", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/793496" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Protocol", "vendor": "Open Shortest Path First (OSPF)", "versions": [ { "status": "unknown", "version": "N/A" } ] } ], "datePublic": "2017-07-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a \u0027newer\u0027 LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-24T14:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "VU#793496", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/793496" } ], "source": { "discovery": "UNKNOWN" }, "title": "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2017-3224", "STATE": "PUBLIC", "TITLE": "Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Protocol", "version": { "version_data": [ { "affected": "?", "version_affected": "?", "version_value": "N/A" } ] } } ] }, "vendor_name": "Open Shortest Path First (OSPF)" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a \u0027newer\u0027 LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354" } ] } ] }, "references": { "reference_data": [ { "name": "VU#793496", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/793496" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2017-3224", "datePublished": "2018-07-24T15:00:00", "dateReserved": "2016-12-05T00:00:00", "dateUpdated": "2024-08-05T14:16:28.299Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-5441 (GCVE-0-2018-5441)
Vulnerability from cvelistv5
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
n/a | PHOENIX CONTACT mGuard |
Version: PHOENIX CONTACT mGuard |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:33:44.317Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "102907", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/102907" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-001" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "PHOENIX CONTACT mGuard", "vendor": "n/a", "versions": [ { "status": "affected", "version": "PHOENIX CONTACT mGuard" } ] } ], "datePublic": "2018-01-30T00:00:00", "descriptions": [ { "lang": "en", "value": "An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-05-16T13:57:02", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert" }, "references": [ { "name": "102907", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/102907" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert.vde.com/en-us/advisories/vde-2018-001" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2018-5441", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PHOENIX CONTACT mGuard", "version": { "version_data": [ { "version_value": "PHOENIX CONTACT mGuard" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing an attacker to modify firmware update packages." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354" } ] } ] }, "references": { "reference_data": [ { "name": "102907", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102907" }, { "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-030-01" }, { "name": "https://cert.vde.com/en-us/advisories/vde-2018-001", "refsource": "CONFIRM", "url": "https://cert.vde.com/en-us/advisories/vde-2018-001" } ] } } } }, "cveMetadata": { "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2018-5441", "datePublished": "2018-01-30T20:00:00", "dateReserved": "2018-01-12T00:00:00", "dateUpdated": "2024-08-05T05:33:44.317Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-10155 (GCVE-0-2019-10155)
Vulnerability from cvelistv5
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
the libreswan Project | libreswan |
Version: 3.29 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T22:10:09.974Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://libreswan.org/security/CVE-2019-10155/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155" }, { "name": "FEDORA-2019-f7fb531958", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/" }, { "name": "FEDORA-2019-1bd9cfb718", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/" }, { "name": "RHSA-2019:3391", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:3391" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "libreswan", "vendor": "the libreswan Project", "versions": [ { "status": "affected", "version": "3.29" } ] } ], "descriptions": [ { "lang": "en", "value": "The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-11-06T00:07:32", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://libreswan.org/security/CVE-2019-10155/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155" }, { "name": "FEDORA-2019-f7fb531958", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/" }, { "name": "FEDORA-2019-1bd9cfb718", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/" }, { "name": "RHSA-2019:3391", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:3391" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-10155", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "libreswan", "version": { "version_data": [ { "version_value": "3.29" } ] } } ] }, "vendor_name": "the libreswan Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29." } ] }, "impact": { "cvss": [ [ { "vectorString": "3.1/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354" } ] } ] }, "references": { "reference_data": [ { "name": "https://libreswan.org/security/CVE-2019-10155/", "refsource": "MISC", "url": "https://libreswan.org/security/CVE-2019-10155/" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10155" }, { "name": "FEDORA-2019-f7fb531958", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFGPGLLKAXSLWFI62A6BZHTZSCHRCBXS/" }, { "name": "FEDORA-2019-1bd9cfb718", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUEXFCN7FAYBKJBQJLYCEUQUCHDEJRZW/" }, { "name": "RHSA-2019:3391", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3391" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-10155", "datePublished": "2019-06-12T13:51:01", "dateReserved": "2019-03-27T00:00:00", "dateUpdated": "2024-08-04T22:10:09.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-9210 (GCVE-0-2020-9210)
Vulnerability from cvelistv5
- CWE-354 - Improper Validation of Integrity Check Value
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2020-9210", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-27T14:59:45.612169Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-27T14:59:52.483Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Myna", "vendor": "Huawei", "versions": [ { "status": "affected", "version": "9.0.1.11(H100SP8C00)" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eThere is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. (Vulnerability ID: HWPSIRT-2020-00145)\u003c/p\u003e\u003cp\u003eThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9210.\u003c/p\u003e" } ], "value": "There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service of the affected device. (Vulnerability ID: HWPSIRT-2020-00145)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9210." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354 Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-27T09:46:26.267Z", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei" }, "references": [ { "url": "https://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20210106-01-myna-en" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2020-9210", "datePublished": "2024-12-27T09:46:26.267Z", "dateReserved": "2020-02-18T00:00:00.000Z", "dateUpdated": "2024-12-27T14:59:52.483Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-20184 (GCVE-0-2021-20184)
Vulnerability from cvelistv5
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:30:07.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://moodle.org/mod/forum/discuss.php?d=417167" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "moodle", "vendor": "n/a", "versions": [ { "status": "affected", "version": "moodle 3.10.1, moodle 3.9.4, moodle 3.8.7" } ] } ], "descriptions": [ { "lang": "en", "value": "It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-28T18:44:27", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://moodle.org/mod/forum/discuss.php?d=417167" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-20184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "moodle", "version": { "version_data": [ { "version_value": "moodle 3.10.1, moodle 3.9.4, moodle 3.8.7" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "It was found in Moodle before version 3.10.1, 3.9.4 and 3.8.7 that a insufficient capability checks in some grade related web services meant students were able to view other students grades." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354" } ] } ] }, "references": { "reference_data": [ { "name": "https://moodle.org/mod/forum/discuss.php?d=417167", "refsource": "MISC", "url": "https://moodle.org/mod/forum/discuss.php?d=417167" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-20184", "datePublished": "2021-01-28T18:44:27", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-08-03T17:30:07.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-37182 (GCVE-0-2021-37182)
Vulnerability from cvelistv5
- CWE-354 - Improper Validation of Integrity Check Value
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:16:03.731Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SCALANCE XM408-4C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XM408-4C (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XM408-8C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XM408-8C (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XM416-4C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XM416-4C (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 1x230V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 1x230V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 24V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 24V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 2x230V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR524-8C, 2x230V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 1x230V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 1x230V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 24V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 24V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 2x230V", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR526-8C, 2x230V (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR528-6M", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR528-6M (2HR2)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR528-6M (2HR2, L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR528-6M (L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR552-12M", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR552-12M (2HR2)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR552-12M (2HR2)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] }, { "product": "SCALANCE XR552-12M (2HR2, L3 int.)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V6.5" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SCALANCE XM408-4C (All versions \u003c V6.5), SCALANCE XM408-4C (L3 int.) (All versions \u003c V6.5), SCALANCE XM408-8C (All versions \u003c V6.5), SCALANCE XM408-8C (L3 int.) (All versions \u003c V6.5), SCALANCE XM416-4C (All versions \u003c V6.5), SCALANCE XM416-4C (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 1x230V (All versions \u003c V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 24V (All versions \u003c V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 2x230V (All versions \u003c V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 1x230V (All versions \u003c V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 24V (All versions \u003c V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 2x230V (All versions \u003c V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR528-6M (All versions \u003c V6.5), SCALANCE XR528-6M (2HR2) (All versions \u003c V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions \u003c V6.5), SCALANCE XR528-6M (L3 int.) (All versions \u003c V6.5), SCALANCE XR552-12M (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2) (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2) (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions \u003c V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354: Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-14T09:21:24", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2021-37182", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SCALANCE XM408-4C", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XM408-4C (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XM408-8C", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XM408-8C (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XM416-4C", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XM416-4C (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 1x230V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 1x230V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 24V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 24V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 2x230V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR524-8C, 2x230V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 1x230V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 1x230V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 24V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 24V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 2x230V", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR526-8C, 2x230V (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR528-6M", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR528-6M (2HR2)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR528-6M (2HR2, L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR528-6M (L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR552-12M", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR552-12M (2HR2)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR552-12M (2HR2)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } }, { "product_name": "SCALANCE XR552-12M (2HR2, L3 int.)", "version": { "version_data": [ { "version_value": "All versions \u003c V6.5" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SCALANCE XM408-4C (All versions \u003c V6.5), SCALANCE XM408-4C (L3 int.) (All versions \u003c V6.5), SCALANCE XM408-8C (All versions \u003c V6.5), SCALANCE XM408-8C (L3 int.) (All versions \u003c V6.5), SCALANCE XM416-4C (All versions \u003c V6.5), SCALANCE XM416-4C (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 1x230V (All versions \u003c V6.5), SCALANCE XR524-8C, 1x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 24V (All versions \u003c V6.5), SCALANCE XR524-8C, 24V (L3 int.) (All versions \u003c V6.5), SCALANCE XR524-8C, 2x230V (All versions \u003c V6.5), SCALANCE XR524-8C, 2x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 1x230V (All versions \u003c V6.5), SCALANCE XR526-8C, 1x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 24V (All versions \u003c V6.5), SCALANCE XR526-8C, 24V (L3 int.) (All versions \u003c V6.5), SCALANCE XR526-8C, 2x230V (All versions \u003c V6.5), SCALANCE XR526-8C, 2x230V (L3 int.) (All versions \u003c V6.5), SCALANCE XR528-6M (All versions \u003c V6.5), SCALANCE XR528-6M (2HR2) (All versions \u003c V6.5), SCALANCE XR528-6M (2HR2, L3 int.) (All versions \u003c V6.5), SCALANCE XR528-6M (L3 int.) (All versions \u003c V6.5), SCALANCE XR552-12M (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2) (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2) (All versions \u003c V6.5), SCALANCE XR552-12M (2HR2, L3 int.) (All versions \u003c V6.5). The OSPF protocol implementation in affected devices fails to verify the checksum and length fields in the OSPF LS Update messages. An unauthenticated remote attacker could exploit this vulnerability to cause interruptions in the network by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected device." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354: Improper Validation of Integrity Check Value" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145224.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2021-37182", "datePublished": "2022-06-14T09:21:24", "dateReserved": "2021-07-21T00:00:00", "dateUpdated": "2024-08-04T01:16:03.731Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-3772 (GCVE-0-2021-3772)
Vulnerability from cvelistv5
- CWE-354 - - Improper Validation of Integrity Check Value
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:09:08.707Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694" }, { "tags": [ "x_transferred" ], "url": "https://ubuntu.com/security/CVE-2021-3772" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df" }, { "tags": [ "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221007-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Fixed in linux kernel v5.15 and above" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354 - Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-07T00:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000694" }, { "url": "https://ubuntu.com/security/CVE-2021-3772" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=32f8807a48ae55be0e76880cfe8607a18b5bb0df" }, { "url": "https://github.com/torvalds/linux/commit/32f8807a48ae55be0e76880cfe8607a18b5bb0df" }, { "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html" }, { "name": "DSA-5096", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5096" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20221007-0001/" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-3772", "datePublished": "2022-03-02T00:00:00", "dateReserved": "2021-09-06T00:00:00", "dateUpdated": "2024-08-03T17:09:08.707Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-41206 (GCVE-0-2021-41206)
Vulnerability from cvelistv5
- CWE-354 - Improper Validation of Integrity Check Value
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Vendor | Product | Version | ||
---|---|---|---|---|
tensorflow | tensorflow |
Version: >= 2.6.0, < 2.6.1 Version: >= 2.5.0, < 2.5.2 Version: < 2.4.4 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:31.625Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "tensorflow", "vendor": "tensorflow", "versions": [ { "status": "affected", "version": "\u003e= 2.6.0, \u003c 2.6.1" }, { "status": "affected", "version": "\u003e= 2.5.0, \u003c 2.5.2" }, { "status": "affected", "version": "\u003c 2.4.4" } ] } ], "descriptions": [ { "lang": "en", "value": "TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. We have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don\u0027t have reproducers and there will be multiple fixes for these issues. These fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354: Improper Validation of Integrity Check Value", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T22:05:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" } ], "source": { "advisory": "GHSA-pgcq-h79j-2f69", "discovery": "UNKNOWN" }, "title": "Incomplete validation of shapes in multiple TF ops", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-41206", "STATE": "PUBLIC", "TITLE": "Incomplete validation of shapes in multiple TF ops" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "tensorflow", "version": { "version_data": [ { "version_value": "\u003e= 2.6.0, \u003c 2.6.1" }, { "version_value": "\u003e= 2.5.0, \u003c 2.5.2" }, { "version_value": "\u003c 2.4.4" } ] } } ] }, "vendor_name": "tensorflow" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. We have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don\u0027t have reproducers and there will be multiple fixes for these issues. These fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354: Improper Validation of Integrity Check Value" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69", "refsource": "CONFIRM", "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69" }, { "name": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4" }, { "name": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07" }, { "name": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d" }, { "name": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a" }, { "name": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261" }, { "name": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904", "refsource": "MISC", "url": "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904" } ] }, "source": { "advisory": "GHSA-pgcq-h79j-2f69", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41206", "datePublished": "2021-11-05T22:05:14", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-04T03:08:31.625Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-4148 (GCVE-0-2021-4148)
Vulnerability from cvelistv5
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:16:04.195Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026487" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lkml.org/lkml/2021/9/12/323" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lkml.org/lkml/2021/9/17/1037" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "kernel", "vendor": "n/a", "versions": [ { "status": "affected", "version": "kernel 5.14.16" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the Linux kernel\u0027s block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-354", "description": "CWE-354", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-23T19:46:44", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026487" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lkml.org/lkml/2021/9/12/323" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lkml.org/lkml/2021/9/17/1037" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4148", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "kernel", "version": { "version_data": [ { "version_value": "kernel 5.14.16" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in the Linux kernel\u0027s block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-354" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2026487", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026487" }, { "name": "https://lkml.org/lkml/2021/9/12/323", "refsource": "MISC", "url": "https://lkml.org/lkml/2021/9/12/323" }, { "name": "https://lkml.org/lkml/2021/9/17/1037", "refsource": "MISC", "url": "https://lkml.org/lkml/2021/9/17/1037" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4148", "datePublished": "2022-03-23T19:46:44", "dateReserved": "2021-12-21T00:00:00", "dateUpdated": "2024-08-03T17:16:04.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Implementation
Description:
- Ensure that the checksums present in messages are properly checked in accordance with the protocol specification before they are parsed and used.
CAPEC-145: Checksum Spoofing
An adversary spoofs a checksum message for the purpose of making a payload appear to have a valid corresponding checksum. Checksums are used to verify message integrity. They consist of some value based on the value of the message they are protecting. Hash codes are a common checksum mechanism. Both the sender and recipient are able to compute the checksum based on the contents of the message. If the message contents change between the sender and recipient, the sender and recipient will compute different checksum values. Since the sender's checksum value is transmitted with the message, the recipient would know that a modification occurred. In checksum spoofing an adversary modifies the message body and then modifies the corresponding checksum so that the recipient's checksum calculation will match the checksum (created by the adversary) in the message. This would prevent the recipient from realizing that a change occurred.
CAPEC-463: Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.
CAPEC-75: Manipulating Writeable Configuration Files
Generally these are manually edited files that are not in the preview of the system administrators, any ability on the attackers' behalf to modify these files, for example in a CVS repository, gives unauthorized access directly to the application, the same as authorized users.